The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of TWS

computer threat CVE-2014-0963

IBM GSKit: infinite loop of SSL

Synthesis of the vulnerability

An attacker can send malicious SSL/TLS messages to applications using IBM GSKit, in order to trigger a denial of service.
Severity: 3/4.
Creation date: 20/05/2014.
Identifiers: 1610582, 1671732, 1672724, 1673008, 1673018, 1673666, 1673696, 1674047, 1674824, 1674825, 1681114, 7042179, CVE-2014-0963, VIGILANCE-VUL-14775.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The IBM Global Security Kit (GSKit) suite implements the support of SSL/TLS for several IBM applications.

However, some SSL messages generate an infinite loop in GSKit.

An attacker can therefore send malicious SSL/TLS messages to applications using IBM GSKit, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

cybersecurity announce CVE-2014-0139

cURL: incorrect certificate check via IP Wildcard

Synthesis of the vulnerability

An attacker can invite cURL users to connect to a malicious IP site, in order to trigger a Man-in-the-Middle.
Severity: 2/4.
Creation date: 26/03/2014.
Identifiers: 1689461, CVE-2014-0139, DSA-2902-1, FEDORA-2014-6912, FEDORA-2014-6921, JSA10874, MDVSA-2014:110, MDVSA-2015:098, MDVSA-2015:213, openSUSE-SU-2014:0530-1, openSUSE-SU-2014:0598-1, SOL15862, SSA:2014-086-01, USN-2167-1, VIGILANCE-VUL-14474.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The cURL client can access to a SSL server by using its IP address, or by using its domain name.

A X.509 certificate can contain the '*' character to indicate that it can be used on servers with the same sub-domain. For example:
  w*.example.org

The RFC 2818 forbids wildcard characters in certificates for IP addresses. For example:
  *.2.3.4

However, the libcurl library allows these certificates.

An attacker can therefore invite cURL users to connect to a malicious IP site, in order to trigger a Man-in-the-Middle.
Full Vigil@nce bulletin... (Free trial)

computer threat alert CVE-2014-0138

cURL: re-use of non HTTP/FTP connection

Synthesis of the vulnerability

In some cases, an application compiled with libcurl and not using HTTP/FTP can access to data belonging to another user.
Severity: 2/4.
Creation date: 26/03/2014.
Identifiers: 1689461, CVE-2014-0138, DSA-2902-1, FEDORA-2014-4436, FEDORA-2014-4449, FEDORA-2014-6912, FEDORA-2014-6921, JSA10874, MDVSA-2014:110, MDVSA-2015:098, openSUSE-SU-2014:0530-1, openSUSE-SU-2014:0598-1, RHSA-2014:0561-01, SOL15862, SSA:2014-086-01, USN-2167-1, VIGILANCE-VUL-14473, VMSA-2014-0008.2, VMSA-2014-0012.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The cURL product supports protocols distinct from HTTP and FTP: SCP, SFTP, POP3(S), IMAP(S), SMTP(S) and LDAP(S).

In order to optimize its performances, libcurl uses a pool to store its recent connections. However, after a first non HTTP/FTP query, if the second query uses a new login, the memorized connection is reused. In this case, authentication data of the first query are thus used for the second query.

In some cases, an application compiled with libcurl and not using HTTP/FTP can therefore access to data belonging to another user.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2013-6747

IBM GSKit: denial of service via SSL/TLS

Synthesis of the vulnerability

An attacker can send malicious SSL/TLS messages to applications using IBM GSKit, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 30/01/2014.
Identifiers: 1610582, 1662902, 1665137, 1668664, 1670524, 1671732, 1673696, 1674047, 1674824, 1674825, CVE-2013-6747, VIGILANCE-VUL-14158.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The IBM Global Security Kit (GSKit) suite implements the support of SSL/TLS for several IBM applications.

However, a malformed certificate chain triggers an error.

An attacker can therefore send malicious SSL/TLS messages to applications using IBM GSKit, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer threat bulletin CVE-2013-0169

OpenSSL: information disclosure in CBC mode, Lucky 13

Synthesis of the vulnerability

An attacker can inject wrongly encrypted messages in a TLS/DTLS session in mode CBC, and measure the delay before the error message reception, in order to progressively guess the clear content of the session.
Severity: 1/4.
Creation date: 12/02/2013.
Identifiers: 1643316, c03710522, c03883001, CERTA-2013-AVI-454, CERTFR-2019-AVI-325, CVE-2013-0169, DSA-2621-1, ESX410-201307001, ESX410-201307401-SG, ESX410-201307403-SG, ESX410-201307404-SG, ESX410-201307405-SG, ESXi410-201307001, ESXi410-201307401-SG, FEDORA-2013-2793, FEDORA-2013-2834, FEDORA-2013-4403, FreeBSD-SA-13:03.openssl, HPSBUX02856, HPSBUX02909, JSA10575, JSA10759, JSA10939, Lucky 13, MDVSA-2013:018, MDVSA-2013:052, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, openSUSE-SU-2016:0640-1, RHSA-2013:0587-01, RHSA-2013:0636-01, RHSA-2013:0782-01, RHSA-2013:0783-01, RHSA-2013:0833-01, RHSA-2013:0834-02, RHSA-2013:0839-02, RHSA-2013:1455-01, RHSA-2013:1456-01, RHSA-2014:0416-01, SB10041, SSA:2013-042-01, SSRT101104, SSRT101289, SUSE-SU-2014:0320-1, VIGILANCE-VUL-12394, VMSA-2013-0009.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The bulletin VIGILANCE-VUL-12374 describes a vulnerability of TLS/DTLS.

For OpenSSL, the solution VIGILANCE-SOL-28668 corrected this vulnerability. However, this solution was not complete.

An attacker can therefore still inject wrongly encrypted messages in a TLS/DTLS session in mode CBC, and measure the delay before the error message reception, in order to progressively guess the clear content of the session.
Full Vigil@nce bulletin... (Free trial)

weakness bulletin CVE-2013-0166

OpenSSL: denial of service via OCSP

Synthesis of the vulnerability

An attacker can setup a malicious OCSP server, in order to stop OpenSSL applications which connect.
Severity: 2/4.
Creation date: 05/02/2013.
Identifiers: 1643316, BID-57755, BID-60268, c03710522, c03883001, CERTA-2013-AVI-099, CERTA-2013-AVI-387, CERTA-2013-AVI-454, CERTFR-2014-AVI-112, CVE-2013-0166, DSA-2621-1, ESX400-201310001, ESX400-201310401-SG, ESX400-201310402-SG, ESX410-201307001, ESX410-201307401-SG, ESX410-201307403-SG, ESX410-201307404-SG, ESX410-201307405-SG, ESXi410-201307001, ESXi410-201307401-SG, FEDORA-2013-2793, FEDORA-2013-2834, FreeBSD-SA-13:03.openssl, HPSBUX02856, HPSBUX02909, JSA10575, JSA10580, MDVSA-2013:018, MDVSA-2013:052, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, openSUSE-SU-2016:0640-1, RHSA-2013:0587-01, RHSA-2013:0636-01, RHSA-2013:0782-01, RHSA-2013:0783-01, RHSA-2013:0833-01, RHSA-2013:0834-02, RHSA-2013:0839-02, sol14261, SSA:2013-040-01, SSRT101104, SSRT101289, VIGILANCE-VUL-12378, VMSA-2013-0006.1, VMSA-2013-0009, VMSA-2013-0009.1, VMSA-2013-0009.2.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The OCSP (Online Certificate Status Protocol) extension checks the validity of certificates.

The OCSP_basic_verify() function of the crypto/ocsp/ocsp_vfy.c file decodes the received OCSP reply. However, if the key is empty, a NULL pointer is dereferenced.

An attacker can therefore setup a malicious OCSP server, in order to stop OpenSSL applications which connect.
Full Vigil@nce bulletin... (Free trial)

threat announce CVE-2012-2686

OpenSSL: denial of service via CBC and AES-NI

Synthesis of the vulnerability

When an application linked to OpenSSL runs on a processor with AES-NI, an attacker can stop TLS sessions in CBC mode.
Severity: 2/4.
Creation date: 05/02/2013.
Identifiers: 1643316, BID-57755, c03883001, CERTA-2013-AVI-099, CVE-2012-2686, HPSBUX02909, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, SSA:2013-040-01, SSRT101289, VIGILANCE-VUL-12377.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Since 2008, some x86 processors implement AES-NI assembler instructions. They are used to request the processor to do AES computations with only one instruction.

When an application linked to OpenSSL runs on a processor with AES-NI, an attacker can stop TLS sessions in CBC mode.

 The error could be located in the aesni_cbc_hmac_sha1_cipher() function of the crypto/evp/e_aes_cbc_hmac_sha1.c file.
Full Vigil@nce bulletin... (Free trial)

security note CVE-2013-0169 CVE-2013-1619 CVE-2013-1620

TLS, DTLS: information disclosure in CBC mode, Lucky 13

Synthesis of the vulnerability

An attacker can inject wrongly encrypted messages in a TLS/DTLS session in mode CBC, and measure the delay before the error message reception, in order to progressively guess the clear content of the session.
Severity: 1/4.
Number of vulnerabilities in this bulletin: 7.
Creation date: 05/02/2013.
Identifiers: 1639354, 1643316, 1672363, BID-57736, BID-57774, BID-57776, BID-57777, BID-57778, BID-57780, BID-57781, c03710522, c03883001, CERTA-2013-AVI-099, CERTA-2013-AVI-109, CERTA-2013-AVI-339, CERTA-2013-AVI-454, CERTA-2013-AVI-543, CERTA-2013-AVI-657, CERTFR-2014-AVI-112, CERTFR-2014-AVI-244, CERTFR-2014-AVI-286, CERTFR-2019-AVI-311, CERTFR-2019-AVI-325, CVE-2013-0169, CVE-2013-1619, CVE-2013-1620, CVE-2013-1621, CVE-2013-1622-REJECT, CVE-2013-1623, CVE-2013-1624, DLA-1518-1, DSA-2621-1, DSA-2622-1, ESX400-201310001, ESX400-201310401-SG, ESX400-201310402-SG, ESX410-201307001, ESX410-201307401-SG, ESX410-201307403-SG, ESX410-201307404-SG, ESX410-201307405-SG, ESX410-201312001, ESX410-201312401-SG, ESX410-201312403-SG, ESXi410-201307001, ESXi410-201307401-SG, ESXi510-201401101-SG, FEDORA-2013-2110, FEDORA-2013-2128, FEDORA-2013-2764, FEDORA-2013-2793, FEDORA-2013-2813, FEDORA-2013-2834, FEDORA-2013-2892, FEDORA-2013-2929, FEDORA-2013-2984, FEDORA-2013-3079, FEDORA-2013-4403, FreeBSD-SA-13:03.openssl, GNUTLS-SA-2013-1, HPSBUX02856, HPSBUX02909, IC90385, IC90395, IC90396, IC90397, IC90660, IC93077, JSA10575, JSA10580, JSA10759, JSA10939, Lucky 13, MDVSA-2013:014, MDVSA-2013:018, MDVSA-2013:019, MDVSA-2013:040, MDVSA-2013:050, MDVSA-2013:052, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, openSUSE-SU-2013:0807-1, openSUSE-SU-2016:0640-1, RHSA-2013:0273-01, RHSA-2013:0274-01, RHSA-2013:0275-01, RHSA-2013:0531-01, RHSA-2013:0532-01, RHSA-2013:0587-01, RHSA-2013:0588-01, RHSA-2013:0636-01, RHSA-2013:0782-01, RHSA-2013:0783-01, RHSA-2013:0833-01, RHSA-2013:0834-02, RHSA-2013:0839-02, RHSA-2013:1135-01, RHSA-2013:1144-01, RHSA-2013:1181-01, RHSA-2013:1455-01, RHSA-2013:1456-01, RHSA-2014:0371-01, RHSA-2014:0372-01, RHSA-2014:0896-01, RHSA-2015:1009, SOL14190, SOL15630, SSA:2013-040-01, SSA:2013-042-01, SSA:2013-242-01, SSA:2013-242-03, SSA:2013-287-03, SSA-556833, SSRT101104, SSRT101289, SUSE-SU-2013:0328-1, SUSE-SU-2014:0320-1, SUSE-SU-2014:0322-1, swg21633669, swg21638270, swg21639354, swg21640169, VIGILANCE-VUL-12374, VMSA-2013-0006.1, VMSA-2013-0007.1, VMSA-2013-0009, VMSA-2013-0009.1, VMSA-2013-0009.2, VMSA-2013-0009.3, VMSA-2013-0015.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The TLS protocol uses a block encryption algorithm. In CBC (Cipher Block Chaining) mode, the encryption depends on the previous block.

When an incorrect encrypted message is received, a fatal error message is sent to the sender. However, the duration of the generation of this error message depends on the number of valid bytes, used by a MAC hash.

An attacker can therefore inject wrongly encrypted messages in a TLS/DTLS session in mode CBC, and measure the delay before the error message reception, in order to progressively guess the clear content of the session.

In order to guess a clear block, 2^23 TLS sessions are required. So, to exploit this vulnerability, the TLS client has to permanently open a new session, as soon as the previous one ended with a fatal error.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2012-1541 CVE-2012-1543 CVE-2012-3213

Oracle JRE, JDK, JavaFX: several vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities of Oracle JRE, JDK and JavaFX can be used by a malicious applet/application in order to execute code or to obtain information. A legitimate applet/application, handling malicious data, can also be forced to execute code.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 50.
Creation date: 04/02/2013.
Identifiers: 1677352, BID-57670, BID-57681, BID-57682, BID-57683, BID-57684, BID-57685, BID-57686, BID-57687, BID-57688, BID-57689, BID-57690, BID-57691, BID-57692, BID-57693, BID-57694, BID-57695, BID-57696, BID-57697, BID-57699, BID-57700, BID-57701, BID-57702, BID-57703, BID-57704, BID-57705, BID-57706, BID-57707, BID-57708, BID-57709, BID-57710, BID-57711, BID-57712, BID-57713, BID-57714, BID-57715, BID-57716, BID-57717, BID-57718, BID-57719, BID-57720, BID-57721, BID-57722, BID-57723, BID-57724, BID-57725, BID-57726, BID-57727, BID-57728, BID-57729, BID-57730, BID-57731, c03714148, c03725347, c03735640, CERTA-2013-AVI-092, CVE-2012-1541, CVE-2012-1543, CVE-2012-3213, CVE-2012-3342, CVE-2012-4301, CVE-2012-4305, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0436, CVE-2013-0437, CVE-2013-0438, CVE-2013-0439, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446, CVE-2013-0447, CVE-2013-0448, CVE-2013-0449, CVE-2013-0450, CVE-2013-1472, CVE-2013-1473, CVE-2013-1474, CVE-2013-1475, CVE-2013-1476, CVE-2013-1477, CVE-2013-1478, CVE-2013-1479, CVE-2013-1480, CVE-2013-1481, CVE-2013-1482, CVE-2013-1483, CVE-2013-1489, FEDORA-2013-1898, FEDORA-2013-2188, FEDORA-2013-2197, FEDORA-2013-2205, FEDORA-2013-2209, HPSBUX02857, HPSBUX02864, HPSBUX02867, IC90659, javacpufeb2013, MDVSA-2013:010, MDVSA-2013:095, openSUSE-SU-2013:0308-1, openSUSE-SU-2013:0312-1, openSUSE-SU-2013:0377-1, RHSA-2013:0236-01, RHSA-2013:0237-01, RHSA-2013:0245-01, RHSA-2013:0246-01, RHSA-2013:0247-01, RHSA-2013:0624-01, RHSA-2013:0625-01, RHSA-2013:0626-01, RHSA-2013:1455-01, RHSA-2013:1456-01, SE-2012-01, SSRT101103, SSRT101156, SUSE-SU-2013:0315-1, SUSE-SU-2013:0440-1, SUSE-SU-2013:0440-2, SUSE-SU-2013:0440-3, SUSE-SU-2013:0440-4, SUSE-SU-2013:0440-6, SUSE-SU-2013:0456-1, SUSE-SU-2013:0456-2, SUSE-SU-2013:0456-3, SUSE-SU-2013:0456-4, swg21627634, swg21633311, swg21633669, swg21633674, swg21645096, swg21645100, VIGILANCE-VUL-12368, VU#858729, ZDI-13-010, ZDI-13-011, ZDI-13-012, ZDI-13-013, ZDI-13-022, ZDI-13-023.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Oracle JRE, JDK and JavaFX. The most severe vulnerabilities lead to code execution.

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57681, CVE-2013-0437]

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57686, CVE-2013-1478]

An attacker can use a vulnerability of AWT, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57687, CVE-2013-0442]

An attacker can use a vulnerability of AWT, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57689, CVE-2013-0445]

An attacker can use a vulnerability of AWT, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57691, CVE-2013-1480, ZDI-13-022]

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57692, CVE-2013-0441]

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57694, CVE-2013-1475]

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57696, CVE-2013-1476]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57697, CVE-2012-1541]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57699, CVE-2013-0446]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57700, CVE-2012-3342]

An attacker can use a vulnerability of JMX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57703, CVE-2013-0450]

An attacker can use a vulnerability of JavaFX D3DRendererDelegate, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57706, CVE-2013-1479, ZDI-13-023]

An attacker can use a vulnerability of Libraries, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57709, CVE-2013-0425]

An attacker can use a vulnerability of Libraries, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57711, CVE-2013-0426]

An attacker can use a vulnerability of Libraries, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57713, CVE-2013-0428]

An attacker can use a vulnerability of Scripting NativeJavaConstructor, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57717, CVE-2012-3213, ZDI-13-011]

An attacker can use a vulnerability of Sound PV_ProcessSampleWithSMOD, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57718, CVE-2013-1481, ZDI-13-010]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57721, CVE-2013-0436]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57725, CVE-2013-0439]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57682, CVE-2013-0447]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57683, CVE-2013-1472]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57684, CVE-2012-4301]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57685, CVE-2013-1477]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57688, CVE-2013-1482]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57693, CVE-2013-1483]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57690, CVE-2013-1474]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57695, CVE-2012-4305]

An attacker can use a vulnerability of Beans, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57701, CVE-2013-0444]

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57710, CVE-2013-0429]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57714, CVE-2013-0419]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57716, CVE-2013-0423]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57705, CVE-2012-1543, ZDI-13-012, ZDI-13-013]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57720, CVE-2013-0351]

An attacker can use a vulnerability of Install, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57722, CVE-2013-0430]

An attacker can use a vulnerability of AWT, in order to obtain or alter information. [severity:3/4; BID-57727, CVE-2013-0432]

An attacker can use a vulnerability of Deployment, in order to obtain information. [severity:2/4; BID-57704, CVE-2013-0449]

An attacker can use a vulnerability of Deployment, in order to alter information. [severity:2/4; BID-57731, CVE-2013-1473]

An attacker can use a vulnerability of JAX-WS, in order to obtain information. [severity:2/4; BID-57729, CVE-2013-0435]

An attacker can use a vulnerability of JAXP, in order to obtain information. [severity:2/4; BID-57730, CVE-2013-0434]

An attacker can use a vulnerability of JMX, in order to obtain information. [severity:2/4; BID-57728, CVE-2013-0409]

An attacker can use a vulnerability of JMX, in order to obtain information. [severity:2/4; BID-57726, CVE-2013-0431]

An attacker can use a vulnerability of Libraries, in order to alter information. [severity:2/4; BID-57724, CVE-2013-0427]

An attacker can use a vulnerability of Libraries, in order to alter information. [severity:2/4; BID-57723, CVE-2013-0448]

An attacker can use a vulnerability of Networking, in order to alter information. [severity:2/4; BID-57719, CVE-2013-0433]

An attacker can use a vulnerability of RMI, in order to alter information. [severity:2/4; BID-57715, CVE-2013-0424]

An attacker can use a vulnerability of JSSE, in order to create a denial of service. [severity:2/4; BID-57712, CVE-2013-0440]

An attacker can use a vulnerability of Deployment, in order to obtain information. [severity:2/4; BID-57708, CVE-2013-0438]

An attacker can use a vulnerability of JSSE, in order to obtain or alter information. [severity:2/4; BID-57702, CVE-2013-0443]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:1/4; BID-57707, CVE-2013-1489, SE-2012-01]
Full Vigil@nce bulletin... (Free trial)

computer weakness note CVE-2012-2131

OpenSSL 0.9.8: memory corruption via asn1_d2i_read_bio

Synthesis of the vulnerability

An attacker can use malformed ASN.1 data, with an application linked to OpenSSL 0.9.8, in order to corrupt the memory, which leads to a denial of service or to code execution.
Severity: 3/4.
Creation date: 24/04/2012.
Identifiers: 1643316, BID-53212, c03333987, CERTA-2012-AVI-286, CERTA-2012-AVI-419, CERTFR-2014-AVI-480, CERTFR-2016-AVI-300, CVE-2012-2131, DSA-2454-2, HPSBUX02782, JSA10659, MDVSA-2012:064, RHSA-2012:0518-01, RHSA-2012:0522-01, SSRT100844, SUSE-SU-2012:0623-1, SUSE-SU-2012:0637-1, VIGILANCE-VUL-11564.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The version 0.9.8v of OpenSSL was published to correct the vulnerability VIGILANCE-VUL-11559.

However, the vulnerability was not fully corrected by this version.

An attacker can therefore still use malformed ASN.1 data, with an application linked to OpenSSL 0.9.8, in order to corrupt the memory, which leads to a denial of service or to code execution.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about TWS: